﻿using Microsoft.Extensions.DependencyInjection;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;
using Microsoft.Extensions.Configuration;
using Microsoft.AspNetCore.Authorization;
/// <summary>
/// 2021/12/25 0:23:45  LazyCoder
/// 
/// </summary>
namespace SH.Ms.JwtHelper.Extensions
{
    public static class AddJWTTokenServicesExtensions
    {
        public static IServiceCollection AddJWTTokenServices(this IServiceCollection Services, IConfiguration Configuration)
        {
            // Add Jwt Setings
            var bindJwtSettings = new JwtSettings();
            Configuration.Bind("JsonWebTokenKeys", bindJwtSettings);
            Services.AddSingleton(bindJwtSettings);
            Services.AddAuthentication(options => {
                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            })
                .AddJwtBearer(options => {
                   
                options.RequireHttpsMetadata = false;
                options.SaveToken = true;
                options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters()
                {
                    ValidateIssuerSigningKey = bindJwtSettings.ValidateIssuerSigningKey,
                    IssuerSigningKey = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(bindJwtSettings.IssuerSigningKey)),
                    ValidateIssuer = bindJwtSettings.ValidateIssuer,
                    ValidIssuer = bindJwtSettings.ValidIssuer,
                    ValidateAudience = bindJwtSettings.ValidateAudience,
                    ValidAudience = bindJwtSettings.ValidAudience,
                    RequireExpirationTime = bindJwtSettings.RequireExpirationTime,
                    ValidateLifetime = bindJwtSettings.RequireExpirationTime,
                    ClockSkew = TimeSpan.FromMinutes(60),                     
                };
            });
            Services.AddTransient<IAuthorizationHandler, MyHandler>();
            //Services.AddAuthorization(options => {
            //    options.DefaultPolicy.Requirements.Append(new MyRequirement());
            //    //options.AddPolicy("name", opt =>
            //    //{
            //    //    opt.AddRequirements(new MyRequirement());
            //    //});
            //});
            return Services;
        }
    }
    public class MyRequirement: IAuthorizationRequirement
    { 
    }
    public class MyHandler : AuthorizationHandler<MyRequirement>
    {
        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, MyRequirement requirement)
        {
            // TODO  自己的验证规则;
            if (requirement!=null)
            {
                context.Succeed(requirement);  // OK 
            }
            return Task.CompletedTask;
        }
    }
}
